Today I read that The Pirate Bay tested this new form of monetization (running a miner in you browser). I thought that might solve website monetization finally. We still have to figure out stuff like battery draining on mobile but it is the first step and I can buy some Monero which is well suited for JS/CPU mining (or in other words, it doesn't have a huge upside when mined on GPUs).
And what do I see here? That before it even started people are fighting it.
Found this solution better than ads and infinetely loading ad-tech JS files.
I'd rather pay with my wallet than with my battery. And I'll pay only what I buy. Lock me out if I don't pay, or tell me to GTFO, and I'm totally fine with it, but you can't pick my hypotethical-pocket because I opened up your page. This is like charging window-shoppers.
And like a sibling comment says, if this catches on, most web sites will do both, i.e. ads + client-side mining.
One nice day publishing industry will no longer be an industry but a group of non-profits, which won't have to sell stuff, and publish way more objective and high-quality stuff.
I'm going to throw my solution in the ring for HN's consideration - https://Datajoy.us/fupm.html: lets make paying for content so simple that both you and the domain owner can happily set it up and let it do its thing behind the scenes as you surf the web.
Right now, it is being trialed for blogs and other top level domain content providers. First payments will be made Oct 1st.
I'd argue that ads already pick your pocket just for window shopping the page.
There's no such thing as Adblock for video streams on Twitch anymore; the ads are burned into the stream, so you can't block them. (Hopefully YouTube won't switch to the same tech.)
Is that picking your pocket just for watching a video steam? If not, why is a video steam materially different from consuming a website?
Ad money comes from a third party, not me. Whereas with this coinhive thing, I'm paying with my computational power and my battery (which is the most important thing here). Traditional internet ads increase resource consumption too, which is part of why we block them. Ads that are part of a video are different, you can skip them, and they cant breach your privacy (I dont know what Twitch are doing, though).
It's clearly the future of ad delivery. If you burn ads into video, you can't block them short of doing some kind of realtime detection against the video frames.
It absolutely sucks because the pause button has become a "play ad" button. There's no way to temporarily pause anymore without showing an ad. Hopefully they won't realize they can do the same thing for the mute button.
Back before cable companies gave everyone a DVR to try to kill Tivo (their plan was kill Tivo then kill the DVR but courts got in their way), I had a hacked Tivo with a network card. I could pull recorded shows off onto my PC. And then the PC would run a custom bit of software that would process the video and strip out the commercials (or you could have it just insert auto-jumps for the Tivo to follow). That was back in the very early 2000s... so I'd expect this would not be difficult at all now. The software back then did raw processing of the stream and, as I understood it, looked for stacks of I-frames and fade-to-black as well as volume differences. Those stats might be different for online ads, but a little experimentation would solve it.
I'm being unrelated, but thank you for this comment.
This instantly brought me back to the 2003/2004 Computer Magazine articles with customized TiVo Setups or homebrewed alternatives entirely running on a media center PC.
It was a fun time! I got to find out that if your local cable company responds with "huh?" when you ask for a cable box with an active firewire port (just for reliable channel changing, I was never able to get video) and then call the state utilities commission when they refuse... you get a call from the actual owner of the local Time Warner franchise confused out of his mind! That was fun... he called saying "you were asking about whether our cable boxes were fireproof?" so I got to explain what Firewire was, that they were legally obligated to provide a box with an active port if I requested one under such-and-such FCC regulation, etc. They eventually figured out what checkbox on my account to tick and I got it.
I still have the hacked Tivo with its network card actually, down in the basement. Hasn't been used for probably going on a decade, but I loved that thing to death while it lasted.
That'd fix the mute button, but if you stop and start the stream, you'll get an ad regardless of the player.
Tune in to Vinesauce (https://twitch.tv/vinesauce) tonight at around 9PM-10PM PST. In addition to being a fun Sunday stream, you'll be able to see first hand what the new ad delivery system is like.
...you do realize "non-profit" doesn't mean they don't make money, right? It means they don't show a profit. They still need to monetize their offering, and unless you've got a solution yet to be offered up... it'll be the exact same thing as "for-profit" companies do. As for "objective" - most non-profits are far less objective because they thrive off donations.
Throwaway account means just that. No point in replying to them. They don't log back in to reply to you. They just waste space with random comments and get downvoted to deletion. HN accepts and welcomes this behavior in exchange for simpler account creation process.
Ugh...no. The carbon footprint of cryptocurrencies is already borderline-unconscionable, and that's with purpose-built hardware that achieves efficiency beyond what consumer-grade equipment can. Moving mining onto consumer hardware and implementing it in JavaScript is a huge step backwards.
The idea that mining is a waste is a bit strange to me - of course it is a waste, that is the genius insight of it all. Waste is the most powerful thing, it is pure cost, the hardest thing to do, raw sacrifice. There are no tricks or shortcuts to over-taking the blockchain, just pure cost and waste. If the proof-of-work had value and could be sold, it would make the network less safe, and less predictable, subject to the whims of the market for its output, and able to fund its attackers while they attack. Proof-of-work is a nice way of saying proof-of-waste.
There are other types of consensus mechanisms, like proof-of-stake, that are much more energy efficient, with their own set of pros and cons. They should, and will, exist; but there will still always be at least one proof-of-waste blockchain. Waste is the gold-standard of expense.
The environment issue is a societal one. We need to move to clean energy, and we are.
1. PoW based on waste which has massive negative externalities is abusive. Power generation generally has large negative externalities. Bitcoin kills.
2. PoS is just another type of PoW - people will compete to earn the PoS rewards up until they are "burning" 0.99 worth of potential ETH they could have earned (with stocks or bonds for example) for every 1 ETH they earn through PoW. The difference is, PoS has nearly 0 negative externalities and is funded entirely through capital which was created out of thin air, namely, ETH. The capital required to fund BTC's PoW comes externally. So switching to PoW is a capital-creating act and naturally increases the value of the currency & network.
Abusive is not a fair word. The system allows for something that was never before possible. Waste is how it works. Everything takes energy to accomplish, every input to a process is waste in the end. The total cost vs. benefit is what matters. We could each name many things in society that produce much more carbon, that are much less useful than a decentralized ledger - and no-one would call them abusive.
Call it what you want, but the language of "negative externality" is too clinical in my opinion when it refers to killing people and putting the stability of the entire planet at risk, especially when perfectly adequate non-destructive PoW systems exist, namely, PoS.
I am a fan of PoS, but it is still different from PoW, with its own set of risks and benefits. Decentralized databases are important and society should have redundancy in their implementations. PoW is still the gold standard.
There are many things that cost the environment much more than Bitcoin, that are much less useful (almost everything?), where is the resistance to those.
Basically if you use resources to build a machine that does something, or just burn the equivalent amount of resources to achieve the same thing, it's about the same.
Cruise ships probably harm the environment significantly more than Bitcoin, are you mad at them?
And in the world that's in a desperate need of both rethinking its energy usage and overhauling the energy sources, in a world in which everyone is politely asked to reduce their carbon footprint, this is the last thing we need - a platform for pure energy waste tied to unadulterated human greed. If I were an evil mastermind, worried that the world is escaping its doom by adopting clean energy too fast, this is what I would do.
Sorry, no, you can't burn my CPU cycles and drain my battery for money. Full stop, end of story, thanks for playing, etc, etc. I still own my computer, and I couldn't care less about your innovative new business model. Just, no.
Yeah but you're not entitled to use their server's resources for free. If you're not okay with them running a miner while you use their site, don't use their site. I'm okay with this approach as long as they are transparent about it.
I am. That's literally how HTTP, and broadly the Internet, works.
If you want to put restrictions on how your site is meant to be used, use appropriate protocol means. Like, respond with 402, or simply don't serve content until I pay you / agree to display ads / agree to run your cryptocoin miners / whatever.
Ads, and sneaky cryptocoin mining scripts, are underhand attempts at having a cake and eating it too. Because they know people don't like to pay, they choose to pretend they're free, while at the same time bleeding the visitors for small amounts of indirect money (in attention => time, or computing resources => electricity).
> Because they know people don't like to pay, they choose to pretend they're free, while at the same time bleeding the visitors for small amounts of indirect money (in attention => time, or computing resources => electricity).
I mean... I get where you're coming from, and I agree that I don't like it either - but I'm curious what the "right" solution is.
I think it's clear that people, on average, hate to pay. They hate to let go of money, and will put up with a surprising amount of bullshit as long as they aren't giving someone else a cent. So what's the winning solution here? Your 402 example is wishful thinking at best, imo.
So far, the only thing I can imagine is some type of system that's built into internet providers. A monetary sharing scheme, based on traffic or viewing receipts, etc. Something to pass revenue via meaningful metrics, and not 402s (which i think are wishful) or crypto mining.
With that said, that seems difficult. Though I do wonder what will happen to these crypto models once they become popular. Suddenly farms will up the hash rate and lower income for site providers. A view will steadily decrease in revenue as hash rate goes up, which will seem to promote longer crypto times. They'll want you to read longer, or wait ~60s before turning to page 2, or etc. All to inch out some extra seconds of crypto time.
Yes, people hate to pay. Like 'Eliezer said once, paying literally feels like losing hit points in a video game. Still, I think we should accept it.
My proposed solution is bit unpopular, but it goes like this: just have people pay actual money. Now, this would cause a lot of the present Internet to disappear, and I say good riddance. Here is why.
The Internet is mostly made of two kinds of people: 1) those who publish stuff pro bono, as a hobby or a service to their fellow Internet citizens, and 2) those who publish stuff in order to earn money. If we switched to ad-free, direct-payment-required Internet, here's what I believe would happen:
- People posting stuff pro bono will still post stuff pro bono, still paying the costs out of their own wallets. That content will mostly remain, and will remain free.
- Businesses that also publish something will start treating publishing as a marketing expense, and that content will also remain free.
- The rest of money-earners will try to switch to a subscription model. Those providing actual value will succeed, and people will pay for their publishing directly. As for the rest, there will be carnage, and they'll disappear from the Internet, no longer profitable. Because this literally affects the most worthless (from consumer's POV) kind of publishing, we'll all be better off without it, and the people involved will have an opportunity to find a more socially useful way of earning a living.
- The adtech industry will collapse, which would be a huge win for freedom and privacy on-line.
Now there's one bad side of this solution that comes to my mind: this privileges people with money to spare. Currently, even though we are drowning in sewage that masquerades as content, people without any spending money (like e.g. teenagers) can access disproportionately big amount of quality information (after they sift through the refuse, of course). I know I personally benefited from that when I was younger. I don't know how to handle this particular case; but overall, I still feel the tradeoff is worth it.
As an aside, I think newer p2p oriented technologies will slowly improve the "pro bono" culture. When we can all host a site with a good UX, easily, that can handle reddit level traffic for free.. the model changes a lot.
Tech like IPFS could make the world a very interesting place.
I hope so. I'm following the development of IPFS closely. In fact, sillysaurus3's subthread about Twitch[0] made me think that maybe something IPFS-like (e.g. the libp2p that powers it) could be used for video streaming, making a streamer independent of big companies subsidizing bandwidth. I'm very hopeful for more developments in this area.
> Ads, and sneaky cryptocoin mining scripts, are underhand attempts at having a cake and eating it too
Like I already said, I'm fine with it if they're transparent about what they're doing. Miners should not run by default, they should get the user's permission first. If they refuse, don't serve the site.
Yes, we agree on that. If and only if they're transparent about the requirements, they can demand whatever they want. They're also free to back those requirements up with tech to get rid of the users who, as you called it, feel entitled anyway.
> If you're not okay with them running a miner while you use their site, don't use their site.
The onus is on the site to not serve up content if they don't trust that I'm running their code as-is at full speed. Nothing about the design of the Web says that servers should trust unauthenticated clients or that clients should prioritize the server's wishes over those of the user. Server operators have no standing to complain when a user agent ignores the server's request for the user agent to do something that is against the user's interests.
Or I mean, you can just ask if the user is okay with the site running a miner, and if they refuse then don't serve the content. That's what I mean by transparency.
Hardly any website is going to be willing to require non-trivial proof of work before delivering content. It might work for cutting off a streaming video and to a lesser extent as a gate before allowing a large file download, but it's completely implausible for a text-based article. Would-be readers are not that patient.
While I sort of share this sentiment, it fails to acknowledge that BC mining is potentially a better use of our CPU cycles than feeding morally dubious ad networks.
As long as someone is upfront about the whole thing, I would honestly not mind. It feels like an improvement over the current status quo.
In fact, since CPU cycles are so easy to give away, I'd probably end up doing so more readily than having to pull out my wallet and run through the hassle of registration and payment.
You simply need to provide a product that has value. If nobody is subscribing, that might be a message that your product isn't actually worth anything.
That's exactly why ads are so popular on-line. With them, it's trivial to waste a bit of time of other people with shitty non-product, and earn some money in the process. The same thing wouldn't fly with subscriptions; you'd actually have to create something valuable.
> And what do I see here? That before it even started people are fighting it.
Seems to me, before it even started, people started abusing it. (e.g. by just keeping it running through the whole session)
If you want to invent some acceptable method of compensation for the web, you should make sure that both sides have power to negotiate a fair price.
With ads and tracking, it seems to be all or nothing: Either unreasonably high prices (perpetual tracking and potential malware for a 5 minute article) or unreasonably low (use an adblocker and get it free)
The "proof of work" payment method seems to have the same problem.
I'm not completely against it, so long as the content provider is transparent about it and as long as it is only active while I am browsing their site and isn't some malware like thing that turns my machine into a zombie. I feel like it would be easy to hijack and hide in a window process though so it just always runs when your browser is running. Even if Pirate Bay, et al doesn't do that...someone will or already has.
That's like saying that regular ad posters on the wall, when someone reads them, are okay to borrow your coat, shoes, and cell phone while you stay in that room.
> We still have to figure out stuff like battery draining on mobile
"Figure out" how? If mining didn't eat lots of power and CPU cycles, it would be useless as proof-of-work and BitCoin couldn't exist. It is literally impossible to do useful amounts of mining in a way that doesn't slow down the mining device and drain its battery.
I would not expect miners to voluntarily stop mining just because the user agent reports low battery. Any miners that care about mobile users could check the user agent string and throttle mining.
If the battery API ever becomes a thing, the first thing I will do is to hack the browser to perpetually report an almost-dying battery. Similarly, if there ever comes a standard for network link quality, I'll make my browser report I'm on a 56k modem.
The reason is simple: whatever cruft the site decides to only serve to high-end users is the cruft I'm very much not interested in seeing.
And because I'm definitely not alone in this thinking, those APIs will be failures for anything other than getting additional bits for tracking and profiling people.
It'd be fine. You would do that, I would do that and most people here would do that. The vast majority of users would not, it's just like adblockers: only a minority uses them.
Meh, then you're back to the same dilemma ads have: you have to convince the users to visit your page from a desktop PC as much as possible. And that usually means making the mobile experience as bad as possible. Which the users won't like for fairly obvious reasons.
Pretty sure user anger didn't stop the prevalence of pop-up Punch The Monkey adverts. The massive rise in adblocking forced the ad industry to stop being quite so obnoxious.
So, yeah, relying on advertisers to not piss off users is a bit much given their business model relies on interrupting your attention.
You have to remember that you're not entitled to their server resources. If you are not okay with a CPU miner, then don't use their site. I'm okay with this as long as they are 100% transparent about their monetization scheme.
The cost isn't what hardware does the most work. It's what time was spent creating the content. Of course they have the choice whether to serve it or not, but don't mistake the hours put into writing an article with the milliseconds used to serve a request. You're not (not) paying for the latter.
What a strange argument, it's not about cost, it's about ownership. The creators own their content, the consumers own their hardware. Either is free to do what they wish with their piece.
Or, use their site, but the end user always dictate the code that runs on their own machine. If the server don't wish for a user to skimp the mining, make them submit the proof of work result first, then serve the content.
> You have to remember that you're not entitled to their server resources.
I am, to the extent their server responds to open protocols on the public Internet. It's up to them, not me, to configure what their server sends when. This is literally how the Internet works.
If you give me code and I don't run it, I don't really think I'm at fault here. If this was opt-in maybe they'd receive more sympathy, but as it stands wasting my electricity to make them a fraction of a cent is a rather unwelcome surprise.
> there is no problem first off and malware is not how you would solve this fantasy of a "problem".
If you think consuming content online without paying anything for it isn't a problem, you're wrong and it's not even debatable [1]. I'm not saying this is a good solution. I'm just pointing out it's not a "fantasy" of a problem.
It is not exactly Google Chrome only, you can run it in any Chromium based browser such as Opera, Yandex, Vivaldi, etc... And I do also have plans to port the extension to FireFox (I haven't read their docs yet but I guess it shouldn't be too hard).
Regarding the custom list for an adblocker, as said in other comments, the idea was to keep it separate from adblocking. Coin mining in the browser is a different issue. Where ads are tracking you and visually interfering with your browsing experience, coin mining, if abused, is eating your computer ressources resulting in slow downs (from high CPU usage) and excessive power consumption. You might be OK with that and not with ads, or vice versa. Or you might just want to keep ads blocked entirely and just enable the coin mining script for a minute to pass a Captcha. That's why I believe having a separate extension is useful.
For context: The Pirate Bay is now launching a javascript-based Monero miner in all visitors' browsers to mine coins for them in the background (possibly as an alternative to ads).
As long as there is disclosure of it and the mining is relatively efficient, that is a very interesting business model. The site collects revenue relative to the amount of time users spend on the site and not the number of page/ad views. It is also a pretty seamless way to integrate micropayments from users into a site. Handing over a credit card number or similar is a big barrier to overcome while this requires no setup for the user. As a user I might prefer this to ads in certain circumstances.
I'd definitely prefer this to ads in a world where phone software and hardware improved energy capacity and efficiency at a faster rate than applications bloat.
I don't think we've reached that point yet. An iPhone doesn't last a single day if you use it the whole time, it would barely last for hours mining constantly.
Why wouldn't you? There are multiple torrent clients for Android (don't know about iOS). Plus if you have a seedbox, you can add torrents from your phone - Transdroid/Transdrone are pretty good.
To add one more question to the one raverbashing posted: How long do you even keep TPB in the background on your phone for it to consume your entire battery?
Paying 50 cents requires you to keep their mining browser tab open for around a week with your CPU churning. Somehow I don't think that's the solution.
Most miners already use GPUs (or ASICs depending on the coin). WebGL would let websites get a relatively larger piece of the pie from dedicated miners.
I don't know what they would have to be mining to make cpu's or integrated GPU's make sense, certainly not bitcoin where even if you pay nothing for electricity to are unlikely to be able to do any useful work in the time someone visits your site.
PirateBay probably won't make any money. I'm considering adding this to an online game, which would probably generate a modest income. Video and social media sites could definitely benefit as well.
I think this would be fine as long as you have the users' consent. I suppose you could even give out rewards to players based on how much they contribute. I see this model in a lot of Android games nowadays (although with ads), you are asked to look at an ad/watch a 30 second video, and in return you get a small amount of in-game currency otherwise only obtainable through spending money.
In the discussion yesterday I estimated 2-5 cents per 24 hours of mining on a users machine (based on quoted hashrates and current prices). That's really not much, even if people actively let it run to help and there is a medium efficiency gain to have somewhere.
It's a card game simulator I have yet to publish. I don't really have a lot of money for server uptime, so it's either ads or this. And it won't be on by default. I'm simply offering users a way to support the site if they like using it, without having to view ads or pay directly (it may or may not affect their electricity bill I guess, but to most people an online game using some extra CPU isn't going to have much impact on them at all).
You are talking about server costs. Get a server at for example online.net (not affiliated) for $9/month or cheaper. That server is going to be able to run your card game easily.
You don't need to spend hundreds of dollars on AWS.
You don't know what my site requires, so you're assuming that whatever hosting you just randomly want to assume is sufficient is enough and so you can discredit my legitimate idea for a possible way to get the required cost to run my site, and possibly also make a little profit. Would you rather have me borrow user's time and attention with ads, or bottom a few of their precious millions of CPU cycles per second? And in case you didn't read what I wrote, I'm not "stealing" anything. The site will be hosted either way, if I have to pay for it out of pocket at a loss then fine. But if people would like to donate CPU time to support the project, there is an off-by-default option to do so, just like there's an off-by-default option to donate money. I fail to see how this is evil.
Ads obviously, as long as you're not using them to spread different kind of malware. It doesn't matter that much to me personally, I'll be blocking whatever garbage you put out anyway, but ads are objectively the better choice as they dont needlessly wreck the environment any further, nor cause unnecessary wear and tear on the hardware of your users.
Anyway, I'd be very interested in hearing how a card game simulator requires more than 8gb of memory and a decent cpu.
God, would you shut up? Jesus, sorry to burst your bubble but people are running their damn CPUs no matter what I do. I heard that some people would prefer client-side mining to ads and I thought I might give that option for those that want it. But I guess that'll cause the Apocalypse next Friday so I'll just go host my application at online.com™ for the low low price of $9 a month, since it's just a card game and can't possibly require anything more than that! Any idiot could see that I don't need to pollute the air and melt the ice caps by trying to give my users options and help support the development of fun internet sites! Could you be any more condescending?
Nope. If you post your idea on a public forum I will be responding with my opinion. Feel free to stop posting if you don't want my replies.
I'm also genuinely curious what kind of card game has such intensive server requirements because I just don't see it. Maybe you have a legitimate need to contribute to global warming, it just seems unlikely to me.
I'm sure it's entirely possible that I can run my application within the arbitrary limitations that you have set for me. I have a MongoDB and Express stack primarily. Sorry that I didn't know that online.com™ can host my application with 8 gigs of RAM for just $9 a month. I came into this damn thread wondering if maybe someone thought this was a good idea from the point of view of user experience. I don't care whatsoever about the planet. Not a bit. If my computer brings about the next Ice Age, fine. I'm a webdev, I saw an idea I liked, you ruthlessly shot me down because apparently it's going to harm you in some way. Honestly, I'd like to make a little money to pay my student loans off with, but that's not about to happen. So maybe, just maybe, I don't care how wonderfully cheap and capable the server you just randomly decided I should use is. I saw a cool idea, I wanted to implement it in an open and honest way for those users that wanted it. Sorry for destroying the planet with curiosity.
Sounds like olyou should take a refresher ethics course. And if not that, a business course because you're just going to drive your idea into the ground the way you're going. There's your feedback.
By the way, users will instantly close your game if you cause their cpu fans to spin up to 100%
You're looking to monetize. That makes it a business. If not we're back to square one, skip out on a Starbucks and just pay for your server costs yourself rather than fucking over your users :)
Maybe if you manage to create something worthwhile people will be willing to pay you some money. It's not like you need much of it for a single server. Consider it an opportunity to learn how to not piss away money/time.
I mean isn't 50% better than the 100% that these crypto miners do? And those miners keep going for as long as you have the page open, not just while scrolling.
What if you could choose a "support level" or unlock features by donating more resources? I'm thinking out loud here, but I've never heard of customer-donated CPU as a business model and there might be something here. For an author trying to monetize content online all of the "normal" options are pretty bad right now. I think most digital entertainment just isn't very valuable these days, but I'll bet the mining thing has some characteristics that compare favorably to both ads and (micro)payments.
Of course, if it was a viable strategy, wouldn't some malware authors write the malware to do this instead of ransoming files? Has that been tried? Is it a thing?
The main problem for legitimate operations is that the user will spend far more on electricity than what the site operator will earn, especially with implementations running in the browser which still aren't yet able to be as performant as you would like. With that in mind a direct exchange of currency for features/access makes a lot more sense unless you want to trick your users. Most won't realize why their power bill is so high.
There are malwares that mine crypto currencies, usually while the machine is idle as to not alert the user that something is up with their machine. However these profits are also quite low since you're using mostly low end machines.
Crypto lockers are of course way more evil, but they function just as well on low quality hardware so I can understand why malware authors do it.
Yes. Websites stealing cpu time to mine crypto currency is ridiculous. I'd go as far as calling it malware. It's a waste of my power and will wear out my hardware faster than necessary. It's also bad for the environment due to useless power drain.
If we're talking about a server for a card game you can just get a cheapo dedicated server and you'll be fine. Get a user or two to donate once a month and you will even run a profit. Or skip that Starbucks once a month.
It's a decentralized uncensorable poker game with no rake that makes money from light client-side mining of relatively cpu efficient coins - you don't think I can build a single school from that?
The real environmental cost of ads is when people actually buy the useless shit being advertised. Also, you definitely have a strange attitude toward mining cryptocoins client-side and are engaging in many assumptions and false notions (that 100% of CPU will be used, that ad-tracking doesn't use just as many cycles, that it's not opt-in, etc.)
It's actually quite simple, any website that makes my laptop fans spin up gets closed out. None of the websites with ads trigger this behavior. The cryptominers do. If you look at actual CPU usage you will notice the obvious difference.
This makes sense, since the entire idea of crypto currency mining is to use CPU cycles to mine the crypto currency. While ads is just some basic tracking and graphics.
What about what he said implies he's doing it in a scummy way? Something like this, opt in and transparent, would be much preferred over microtransactions or ads, IMO.
Efficiency doesn't mean profitable. Traditional miners require profitability while this system would only require some unknown level of efficiency. The equipment costs is basically negligible because you are using idle capacity of existing hardware. The marginal revenue also doesn't need to beat electricity costs because the people paying the electricity are not the ones who are receiving the revenue. For example if every $1 of electricity generated $0.90 of revenue, that would be equivalent to the site paying a 10% fee on the micropayments they receive. That would likely be perfectly acceptable to both sides.
Monero is designed to be mined more efficiently with CPUs, or rather, not give such a huge advantage to GPU or dedicated systems (I've read that GPU mining is only 2x the performance of a roughly equivalent CPU, instead of 1000+x as with bitcoin).
As long as that's the case, maybe (and even then I don't think it would be) but as it is now, what entity ensures that sites actually use the mining as payment and not simply make you pay the whole time?
How would you negotiate prices if your customers are not even aware how much they are paying?
I think browsers and OSes need to improve to make mining in the background possible such that the UX is not hampered in any way. Right now, with Javascript in the same thread as the UI, that seems not really possible.
I recall that for Bitcoin, the profit was something like a billionth of a cent per user-hour. So it would be hard to be profitable even if all you're paying for is a little engineer time to deploy it.
I assumed this whole notion of browser mining as a replacement for ads was just a laugh, but maybe not. Are there coins where it can actually make a noticeable amount of money?
That's the reason TPB is using Monero. It was specifically designed to be mined on consumer CPUs with little to no benefit to running on a GPU or ASIC.
That's partially incorrect. While XMR is very resistant to ASICs and not very GPU friendly, a high-end consumer GPU will still mine over 2x as much as a high-end consumer CPU.
edit: of course because the majority of users have integrated gpus, cpu mining will typically be faster.
Bitcoin quickly moved to GPUs and then ASICs, making mining them with CPUs pointless. Some coins are designed to be very difficult to mine with GPUs or ASICs, so a Browser based miner isn't so ridiculous. Wasm also makes it a bit faster.
> [...] There are solutions to run the Cryptonight algorithm on a GPU instead, but the benefit is about 2x, not 10000x like for other algorithms used by Bitcoin or Ethereum. This makes Cryptonight a nice target for JavaScript and the Browser. [...] Our miner uses WebAssembly and runs with about 65% of the performance of a native Miner. [...]
Can you actually use WebGL for this? I mean, don't you need a user-visible graphics context? That's a serious question, I have used WebGL only once in my life and that was years ago.
On the other hand, WebGPU looks exactly like the kind of technology that would make web-based GPU-enabled bitcoin mining realistic.
But if most users have integrated graphics, and even with dedicated graphics cards the improvement is nowhere near an order of magnitude, would it be much better?
That $500 was probably what they made within the hours they tested the code, as they do millions of pageviews an hour. Reddit still thinks they're lucky to cover a handful of servers LOL.
There is an interesting position that asic mining is the most democratic and decentralized way. The easier and simpler and cheaper a miner is to produce, the more accessible it is and likely that companies can manufacture and distribute it, turning it into a commodity. Complex proofs that require cpu's, for example, hand a permanent monopoly to Intel and friends. When the nanometer race ends in a few product generations (as we reach the limits of physics), the more commoditized silicon will become, and the more likely we can get a miner for a couple of bucks at the grocery store, or embed it in devices, etc. - making it truly decentralized.
Historically, those companies have held and mined with the current generation of ASICs (that their customers have paid for!), while they develop the next generation.
Once they have the next generation off the production line, they take the used previous generation, box them up and ship them off to their customers, and then plug the new generation into their mining pools.
If we could trust ASIC manufacturers to not sit on the best hardware, you might be right. However, for the moment everyone can get their hands on CPUs and GPUs of roughly the same power, while easily accessible ASICs are several orders of magnitude slower than the current state of the art.
Because it is different than ads. On a site, you might want to leave ads blocked for privacy reasons but just enable the miner to pass the coin-hive Captcha for example.
In uBlock you can just click the big off button and then click it on again. I see that No Coin has a 'disable for 1 minute' button, which is slightly different, but probably not worth a separate extension for most people.
You can turn off the filters in your adblocker and just enable a few select filters, like this one. This would be silly of you, since ads are a popular vector for spyware and malware, but hey, you can do it.
Extensions are also vectors for adware and malware so it's better to trust established extensions, and questioning an extension whose behvior could be trivially accomplished without is a reasonable concern to raise.
More browser extensions means more potential for conflicts, slowdowns and more UI clutter (assuming they have an interactive function like this one). Browser extensions getting hacked or bought and turned into malware is a concern. My adblocker is available for all browsers I use (and not just Chrome) and I know it's UI already - disabling a single block temporarily is done in 2 clicks.
That's why I'm skeptical of new browser extensions for things that the ones I have can already cover.
Doesn't mean everybody else has to feel like that (e.g. I honestly hadn't considered someone might want to install this but not a generic configurable blocker - even if you aren't aggressively blocking ads uBlock would be useful for me)
Wait, people are actually doing this? Using client-side resources not to deliver content or applications to clients, or even to visibly deliver things like advertisements, but to divert user CPU cycles for their own purposes?
I want to know more about this. Are they seeking any kind of consent from the users, or even disclosing it to the users? If not, I have serious doubts about the legality of this behavior.
The Pirate Bay just tested that yesterday, apparently. They bundled a Monero javascript miner with some of their pages. The funny thing is that while the legality of that is questionable enough for the more reputable websites not to go down that road, TPB is already shady enough to pull it off - and their users don't really have anyone to complain to.
It's worth noting that this isn't exactly a new idea - some MIT students had a project a couple of years ago that was basically that, except they tried to turn it into a startup. The viability of it was questionable back then as well.
But it's a bit strange that the same broad concept can include subtle things where the indirect result of an activity is a computation that someone else wanted you to make, along with explicit cases where someone asks your device to run a full-fledged applet and it does so (to someone else's benefit).
In 2015 I had the idea to start a meme aggregator and use it as a distributed JS computer where visitors are the nodes. I just didn't know what to do with it. Until now!
Pirate Bay trialed this but otherwise nobody is doing this at scale right now. The problem is that users will notice and the ROI is miniscule. Even if your users keep the miner running 24/7 you're nowhere near just regular old ads.
Not arguing with you, but I've seen a lot of people say this has very minimal ROI without giving any numbers. Do you happen to have any to share? Are you considering a higher relative investment based on an inconvenience to the user?
I'd love to explore this idea in a more reasonable, less-sketchy, opt-in way, but I'm only just getting started with crypto and I'm not sure what factors go into estimating potential costs/returns yet.
hm yes this has been going on for years from anonymous services. remember the WannaCry exploit? another group was already using the same exploit to mine monero, it was more profitable than WannaCry's global clusterf* and fixing WannaCry merely exposed the other group's mining operation, and cut it off when the patches rolled out.
the only thing new is known organizations trying to do it for revenues.
As I said, I have doubts. I'm not saying "definitely illegal," just dubious as all hell.
In terms of specifics, maybe not anything criminal (though a prosecutor could try the CFAA), but on the civil side tort law trespass theories, maybe also unjust enrichment theories, would be well worth a try for a plaintiff's lawyer.
But really, I'm thinking in terms of more abstract legal ideas that could use some caselaw development to flesh out---the notion that there's an implied license to use resources on a user's computer to an ordinary extent and for an ordinary purpose---and grabbing onto those resources for this kind of extraordinary purposes without prior notice violates that license in just the same kind of way that (eg) triggering a more conventional malware download would. If you buy that theory (and I tentatively do), then there are lots of concrete legal doctrines to hook it to.
World of Warcraft and other games (apparently Windows 10 too) have used P2P (torrent-like) patch systems in the past, where after you downloaded a content update, you also distribute it to other users. AFAIK this was opt-out rather than opt-in. I think that falls under the same category of using the users' computer for an extraordinary purpose.
For those wondering how it works, it seems to be a blacklist. Here's the crux of it:
chrome.webRequest.onBeforeRequest.addListener(details => {
// ...
// Is domain white listed
if (isDomainWhitelisted(domains[details.tabId])) {
return { cancel: false };
}
return { cancel: true };
}, { urls: blacklistedUrls }, ['blocking']);
It's kind of sad how much boilerplate is required to write a simple extension. I wonder if there's a framework for saving labor while building cross-compatible browser extensions. Then again, maybe the world doesn't need yet another JavaScript framework.
I loved using those tools, but I think many browser extensions today are more involved than small shim scripts. A lot of them have CRUD operations, data editing interfaces, css/image assets, etc. I was thinking about something a bit more composed like create-react-app.
I wrote a grease monkey script that allowed you to annotate a website and save the notes permanently to local storage. It had all of the above features. The only real limitation is the sandboxing.
No more than the existing trend of 'web app' entirely Javascript rendered websites. My solution to both is very simple: I run JS only from white-listed domains. Sure this breaks many sites but, well, fuck those sites.
Someone mentioned a CoinHive Captcha. This is usually when my NoScript approach breaks. There would be no way around enabling the captcha script, therefore enabling the miner. Normally I then... fuck those sites, but what if that's reaaaally becoming a thing and say StackOverflow does it? You would need some way of adjusting allocated browser resources real fast and precise. Only way I can think of right now...
It's funny because just yesterday I was at a hackathon and made AddCoinPlus [1], a browser extension that uses a very tiny bit of your CPU to mine for non-profits of your choice. People really loved it because it is your choice to do so or not, it's not a website making your CPU work for their own profit.
Leaving the problem with battery life behind for a moment, this really has the makings of a perfect solution to the monetization problem imo. It's decentralized, democratic, etc.
Also when taking the problem with battery life into consideration, if the website notifies you that it does this you're free to find another website.
Blacklisting was the shortest way to a working solution. I'm looking into other ways of blocking coin mining in browsers. If you have any ideas, feel free to submit an issue or a PR on Github.
Asking people to mine for you on your website is just like asking customers to wash the dishes at your restaurant. Even if you have a ton of them it is still annoying and doesn't pay.
Trading content for processing power seems like a logical and satisfactory solution to an age-old problem- people wanting free stuff, businesses wanting to stay in business. I think it's a beautiful example of new economic models enabled by tech. Are people's main concerns battery life/power usage?
My concern is that I can't leave a tab open long-term without risking a performance hit. Of course that's also true now (with ads or heavy JS), but those generally aren't deliberately trying to induce high(er) CPU loads.
I really like the idea of a proof-of-work captcha, but can it work? The hash requirement needs to be low enough for mobile devices, but scraping and automation are usually done on powerful servers. Is there an equilibrium where it's comfortable for end users, but a real deterrent for servers?
From another comment: "The idea was to keep it separate from adblocking. Coin mining in the browser is a different issue. Where ads are tracking you and visually interfering with your browsing experience, coin mining, if abused, is eating your computer ressources resulting in slow downs (from high CPU usage) and excessive power consumption. You might be OK with that and not with ads, or vice versa. Or you might just want to keep ads blocked entirely and just enable the coin mining script for a minute to pass a Captcha. That's why I believe having a separate extension is useful."
Current generation browsers are blocking [bad] adverts and plugins. How long before we see hard CPU time limits on scripts? I can't imagine it's hard to implement but what a waste of developer time.
Is there a way to exploit the miner scripts? I mean in a way: Never trust the client? If the proof is calculated on the client, how does the server confirm that the proof is correct?
> how does the server confirm that the proof is correct?
The point of proof-of-work algorithms is to be hard to compute but easy to verify.
As a simplified example, a proof-of-work might be to take some input and find a corresponding salt that leads to a sha256 with 10 leading zeros. The user works hard to find that salt (the proof-of-work) using some brute force search, but the server easily verifies that the proof is correct because checking a sha256 is easy.
So the proof is verifiable by the definition of the algorithm.
So when I intercept the script and send a bad proof back, it would not do any harm? So no https://xkcd.com/327/ for the bad miners? I guess, we need browser extensions that just send the correct proof to my own wallet then?
It is true for checking final solution, but what in case of partial results? I am not sure about monero but with BTC I could claim I checked range assigned to me and found no solutions. I guess mining pools have solved it in some way.
edit: I see that Coinhive pays only for solved hashes, so there is no way to "harm" them, and for website owner it makes no difference if hashes are not computed at all or invalid results are submitted.
Can anyone explain to me like I'm a five year old why would anyone need to block coin miners on their browser and why they would be mining there in the first place?
Mining consumes power. If you're on a mobile device, that power is limited and will result in you having a flat battery sooner than you otherwise would.
They are used because the coins that are mined can be sold and the money used to pay for hosting and food.
- A website author can include a script for their _users_ to mine coins for the website author, which effectively distributes work across many machines you don't own.
- This means, instead of mining on just your own machine, you're effectively mining across N machines (however many users you have) as long as they have your website open (at a ~60% efficiency rate according to other comments).
- This is great for the website author, as it's very little effort on their behalf for a small profit, and affects each individual user less than the whole.
Why someone would want to block coin miners:
- Mining is very CPU intensive, which can slow down the browser for users.
- Increased CPU usage can also lead to higher electricity bills
- Increased CPU usage can also lead to lower battery life
- Someone might also not want to benefit the owner of a website they're visiting, especially if it's at any cost to them (electricity bills, battery, cpu, etc)
According to ComputerGuru's post below, TPB is switching from ads to coin mining in the background.
Without disclosure/client choice it could slow down someone's computer and and be portrayed as malicious ("If they can mine potentially valuable coins while I'm on the site, what else could they be doing while serving my browser content?")
The only reason i don't like browser based mining for websites is due to it all being contingent on volume of visitors and not the actual content of the site.
Tried the Chrome extension, but it just toggles between "Enable No Coin" and "Unpause No Coin." I didn't disable it, but I have to enable it? Repeatedly? And I didn't pause it, so why would I be unpausing it? Where do I look if I merely want to find out whether it is currently 1) enabled and/or 2) paused? And how do I toggle either or both of those? Does it need to be this complicated?
This is a bug that is happening when the background script doesn't run. It only happened to me in an outdated version of Opera. Updating my browser fixed it.
It is a very early version of the extension, improvements are on their way.
I've got the browser sandboxed... and adblocked... and ScriptSafe'd and sometimes HTML5-blocked... so maybe that has something to do with it too! Will test it again with all that stuff turned off.
Though I'm opposed to the idea of web sites leeching mining time from me, honestly it would probably use less CPU than so many websites that deluge me with video ads…
This would make a lot more sense as a blocklist for ublock than as its own extension. Actually I wouldn't be that surprised to learn it's already blocked.
It would be nice if there was some way to integrate charging status into this. I would be fine donating a few seconds of CPU/GPU time for an ad-free experience, but I would only want to do it if whatever device I was on was running off of wall power and not it's battery.
And what do I see here? That before it even started people are fighting it.
Found this solution better than ads and infinetely loading ad-tech JS files.